JPH11338985A - Security level setting and discrimination method, ic card and its use - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a discrimination method capable of setting and discriminating the security level corresponding to service contents and leaving a past service utilization history, and to provide an IC card and its use. SOLUTION: This IC card A is provided with a sensor part 1 for authentication for reading a certain intrinsic physical feature, a data processing part 2, a nonvolatile memory 3 capable of storing and additionally writing data relating to a service utilization right, a power relation part 4 provided with a terminal for power supply or a power supply part or the like for receiving power supply, a main memory part 5, an non-rewritable memory 6 for individually holding the data for individual authentication, an individual ID and a card ID and a data input/output part 7.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a security level setting judging method for enabling a security level to be selected in accordance with service contents, an IC card directly used for carrying out the method, and an IC for substantially using the IC card. The present invention relates to a method of using an IC card in a card service using system.

[0002]

2. Description of the Related Art Conventionally, an IC card comprises an arithmetic processing unit, a main storage unit, a ROM, a nonvolatile memory, and a data input / output unit. When an IC card is used, security is confirmed by comparing a password stored in the card, for example, with a password input to an external device, and a service can be received only when the password matches.

In addition, conventional IC cards include a regular IC card.
It does not have the function of checking the match between the card owner and the person who is actually using the IC card alone. In other words, there is a problem that as long as only the password to be input to the external device is known, it becomes possible to use the IC card by impersonating the IC card owner.

As a means for solving this problem, a sensor for reading physical characteristics such as a fingerprint and a voice print is provided on an IC card.
For example, Japanese Patent Application Laid-Open No. 63-5309 discloses
No. 9 is described.

[0005]

By incorporating a sensor for reading fingerprints, voice prints, and other physical characteristics into an IC card, an IC card with high security can be realized, but a card specialized only for services with very high security. Thus, a new problem arises in that personal authentication must be performed even for services that do not require personal authentication. In other words, the service cannot be benefited from the authenticated IC card unless the personal authentication is always performed with the IC card, which causes trouble in giving and receiving the service.

In addition, in the case of an IC card that performs personal authentication, if the data for personal authentication is falsified and an unauthorized service is used, if the service usage history of the IC card cannot be monitored, the unauthorized use continues forever. Occurs.

Here, the main objects to be solved by the present invention are as follows. That is, a first object of the present invention is to provide a security level setting discriminating method, an IC card and a method of using the same which enable setting of the necessity of personal authentication according to service contents.

A second object of the present invention is to provide a security level setting discriminating method, an IC card and a method of using the same, which can leave a past service use history.

A third object of the present invention is to provide a security level setting judging method, an IC card and a method of using the same which prevent extremely high unauthorized use as required.

[0010] Other objects of the present invention will become apparent from the description of the specification, drawings, and particularly from the claims.

[0011]

In order to solve the above-mentioned problems, according to the method of the present invention, before requesting a desired service, information relating to the necessity of personal authentication is stored in advance in the service request means in accordance with the contents of the requested service. In this case, the method is characterized in that a method of determining the presence or absence of personal authentication confirmation based on the information on the necessity in the service request unit at the time of a service request is provided.

In order to solve the above-mentioned problems, the card of the present invention is characterized in that means for storing in advance whether or not personal authentication is necessary for each service in accordance with the service content is taken.

In order to solve the above-mentioned problems, the method of use of the present invention is directed to use of a system having the card of the present invention, a terminal capable of processing the IC card, and a service center connectable to the terminal. To connect with the service center in advance and perform new registration,
It is characterized in that a method of setting a use environment between the IC card and the service center must be performed each time.

More specifically, in solving the problem, the present invention achieves the above object by adopting a novel characteristic configuration method and means ranging from a high-level concept to a low-level concept listed below. It is done as follows.

A first feature of the method of the present invention is that when requesting a desired service, security level setting discrimination is executed by executing a personal authentication process only when it is judged necessary according to a preset security level. It consists in adopting the configuration of the method.

A second feature of the method of the present invention is that when requesting a desired service, information relating to the necessity of personal authentication is stored in advance in the service requesting means in accordance with the contents of the requested service, and the service request is stored. In this case, a security setting determining method for determining the presence or absence of personal authentication confirmation based on information on the necessity of personal authentication in the service request means is adopted.

A third feature of the method of the present invention is that, when a desired service is requested from a plurality of services, information relating to the necessity of personal authentication is stored in advance in one service requesting means in accordance with each of the requested services. In this case, a security level setting discrimination method for discriminating the presence or absence of personal authentication based on the information on the necessity of personal authentication in the service request means at the time of a service request is employed.

According to a fourth feature of the method of the present invention, the information on the necessity of personal authentication in the second or third feature of the method of the present invention includes a service ID, a service providing condition, and information on whether personal authentication is required. It is in the configuration adoption of a security level setting determination method.

A fifth feature of the method of the present invention is that information on the necessity of personal authentication in the second, third or fourth feature of the method of the present invention is arbitrarily additionally written after initial setting for each service. It is in the configuration adoption of a security level setting method.

The first feature of the card of the present invention resides in the use of an IC card having means for storing in advance a security level necessary for personal authentication according to the service content.

A second feature of the card according to the present invention is that an authentication sensor unit, a data processing unit, a nonvolatile memory, a power supply-related unit,
In an IC card having a main storage unit, a non-rewritable memory, and a data input / output unit, collation with a specific physical feature detected by an authentication sensor unit based on service usage right information stored in a nonvolatile memory in advance. An IC card having a series of functions for determining a match by the data processing unit is employed.

According to a third feature of the card of the present invention, the service use right information in the second feature of the card of the present invention includes a service ID, service provision conditions, and a unique body of an IC card user based on an authentication sensor unit. In the configuration of an IC card which has the presence or absence of the characteristic information.

A fourth feature of the card of the present invention resides in the use of an IC card in which the service provision condition in the third feature of the card of the present invention is one or both of a service benefit period and a service benefit count.

According to a fifth feature of the card of the present invention, the non-rewritable memory in the second, third or fourth feature of the card of the present invention stores personal authentication data, a personal ID, and a card ID.
In the configuration of an IC card having a function of storing

According to a sixth feature of the card of the present invention, the non-rewritable memory in the second, third, fourth or fifth feature of the card of the present invention is a memory which is physically rewritable due to its physical structure. The configuration of the IC card is adopted.

A seventh feature of the card of the present invention is that the non-rewritable memory in the second, third, fourth or fifth feature of the card of the present invention is a memory which cannot be rewritten due to its data structure. The present invention resides in the configuration of a certain IC card.

An eighth feature of the card of the present invention is that the nonvolatile memory according to the second, third, fourth, fifth, sixth or seventh feature of the card of the present invention is an IC card in which additional writing is free. Configuration adoption.

The ninth feature of the card of the present invention is that the card of the present invention is the second, third, fourth, fifth, sixth, seventh or eighth of the present invention.
The power supply-related part in the feature of (1) lies in the configuration adoption of an IC card having a power supply part.

A tenth feature of the card of the present invention resides in that the power-related part in the second, third, fourth, fifth, sixth, seventh or eighth feature of the card of the present invention receives power supply. Configuration of an IC card having a power supply terminal.

An eleventh feature of the card according to the present invention is the data processing unit according to the second, third, fourth, fifth, sixth, seventh, eighth, ninth, or tenth feature of the card according to the present invention. However, there is a configuration of an IC card having a function of searching for information stored in a non-volatile memory and performing constant processing.

The twelfth feature of the card of the present invention is the same as that of the second, third, fourth, fifth, sixth, seventh, eighth, ninth, tenth, or eleventh feature of the card of the present invention. The data processing unit is configured to employ an IC card that further has a function of searching for information in a main storage unit, a non-writable memory, and a non-volatile memory and performing a fixed process on each of the information.

A thirteenth feature of the card of the present invention is that the card of the present invention is the second, third, fourth, fifth, sixth, seventh, eighth, ninth, tenth, eleventh or twelfth. I in the characteristics of
The C card has a configuration of an IC card further including a human interface unit.

A fourteenth feature of the card of the present invention resides in that an IC in which the human interface unit in the thirteenth feature of the card of the present invention has an input unit which can be manually input.
In the configuration of the card.

A fifteenth feature of the card of the present invention resides in that an IC in which the human interface unit in the thirteenth feature of the card of the present invention has an externally recognizable output unit.
In the configuration of the card.

A sixteenth feature of the card of the present invention resides in the use of an IC card in which the human interface unit in the thirteenth feature of the card of the present invention has the input unit and the output unit together.

A seventeenth feature of the card according to the present invention is that the input unit in the fourteenth or sixteenth feature of the card according to the present invention includes:
The present invention resides in adopting an IC card having a benefit service selecting function.

An eighteenth feature of the card of the present invention resides in that the input section in the fourteenth, sixteenth, or seventeenth feature of the card of the present invention employs a configuration of an IC card as a handwriting input means.

A nineteenth feature of the card of the present invention resides in that the handwriting input means in the eighteenth feature of the card of the present invention has an IC card having a handwriting input recognition function of decoding inputted information and encoding it. In the configuration adoption.

A twentieth feature of the card of the present invention resides in the use of an IC card in which the input in the nineteenth feature of the card of the present invention is character input, graphic input, picture input, or a combination thereof.

A twenty-first feature of the card of the present invention resides in that the input part in the fourteenth or sixteenth feature of the card of the present invention adopts an IC card configuration as a sound input means.

A twenty-second feature of the card of the present invention resides in a structure of an IC card in which the sound input means in the above-mentioned twenty-first feature of the card of the present invention has a voice recognition function of decoding and coding an inputted sound. In hiring.

A twenty-third feature of the card of the present invention resides in that the output part in the fifteenth or sixteenth feature of the card of the present invention is a display card, an LED lamp, a sound output module, or a combination of these IC cards. It is in.

A twenty-fourth feature of the card of the present invention resides in a structure of an IC card in which the sound output means in the twenty-third feature of the card of the present invention has a sound synthesizing function of outputting coded code sound. In hiring.

A twenty-fifth feature of the card of the present invention resides in the use of an IC card in which the input part and the output part in the sixteenth feature of the card of the present invention are integrated voice input / output means.

The twenty-sixth feature of the card of the present invention is that the second, third, fourth, fifth, sixth, seventh, eighth, ninth, tenth, eleventh, and twelfth of the above-described card of the present invention. , Thirteenth, fourteenth,
The data input / output unit according to the fifteenth, sixteenth, seventeenth, eighteenth, nineteenth, twentieth, twenty-second, twenty-third, twenty-fourth, or twenty-fifth features allows communication with a terminal corresponding to an IC card. In this case, an IC card having a wireless communication function is used.

A twenty-seventh feature of the card of the present invention is that the wireless communication function in the twenty-sixth feature of the card of the present invention is such that
O10536, ISO14443, ISO15693,
The present invention resides in adopting an IC card configuration based on the PHS system and IMT2000.

A twenty-eighth feature of the card of the present invention is that the card of the present invention is the second, third, fourth, fifth, sixth, seventh, eighth, ninth, tenth, eleventh, and twelfth. , Thirteenth, fourteenth,
The data input / output unit in the fifteenth, sixteenth, seventeenth, eighteenth, nineteenth, twentieth, twenty-second, twenty-third, twenty-fourth, twenty-fifth, twenty-sixth, or twenty-seventh feature is encrypted. The configuration of an IC card that allows input and output of the data is freely performed.

A twenty-ninth feature of the card of the present invention is that the second, third, fourth, fifth, sixth, seventh, eighth, ninth, tenth, eleventh, and twelfth of the card of the present invention are described above. , Thirteenth, fourteenth,
15th, 16th, 17th, 18th, 19th, 20th, 21st, 22nd, 23rd, 24th, 25th, 26th, 2nd
7th or 28th IC card is power ON / OF
The present invention resides in the configuration adoption of an IC card having switch means for controlling F.

A thirtieth feature of the card of the present invention resides in that the switch means in the twenty-ninth feature of the card of the present invention is such that:
An IC card having a function of receiving a signal from outside the card and turning on the power supply is provided.

The thirty-first feature of the card of the present invention is that the second, third, fourth, fifth, sixth, seventh, eighth, ninth, tenth, eleventh, and twelfth of the card of the present invention are described above. , Thirteenth, fourteenth,
15th, 16th, 17th, 18th, 19th, 20th, 21st, 22nd, 23rd, 24th, 25th, 26th, 2nd
The authentication sensor unit according to the seventh, twenty-eighth, twenty-ninth, or thirtieth feature is adopted in a configuration of an IC card which is a fingerprint reading sensor, a handwriting reading sensor, a voice sensor or an iris reading sensor, or a composite sensor combining the sensors. is there.

The thirty-second feature of the card of the present invention is that the card of the present invention is the second, third, fourth, fifth, sixth, seventh, eighth, ninth, tenth, eleventh, and twelfth. , Thirteenth, fourteenth,
15th, 16th, 17th, 18th, 19th, 20th, 21st, 22nd, 23rd, 24th, 25th, 26th, 2nd
The seventh, twenty-eighth, twenty-ninth, thirty-third, or thirty-first feature is that the authentication sensor unit is configured so that authentication is automatically executed when the IC card is gripped.

A thirty-third feature of the card of the present invention resides in that the arrangement in the thirty-second feature of the card of the present invention allows a fingerprint authentication process to be performed spontaneously by a finger touching the IC card. The present invention resides in the use of an IC card in which most of the surface is occupied by a fingerprint sensor.

A first feature of the use method of the present invention is that the IC card comprises the above-mentioned IC card of the present invention, a terminal capable of processing the IC card, and a service center connectable to the terminal.
In using the card service using system device, only after connecting the IC card to the service center via the terminal and newly registering the personal ID,
The present invention resides in adopting an IC card usage method in which a desired service is provided between the IC card and the service center by setting a use environment between the card and the service center each time.

A second feature of the use method of the present invention is that the new registration in the first feature of the use method of the present invention is performed in consideration of the result of personal authentication using an IC card and transmitted from a terminal to a service center. Based on the result of judging the possibility of use at the service center to determine whether it corresponds to the unusable personal ID previously notified based on the personal ID, if it is available, register the personal ID with the service center. Then, the terminal transmits the service ID transmitted from the service center to the IC card, and stores the service ID in the nonvolatile memory of the IC card. In the configuration adoption.

A third feature of the use method of the present invention is that the use environment setting in the first or second use method of the present invention is an IC
The service beneficiary transmits the set service usage environment together with the personal ID to the service center after setting the service use right information for the terminal or the IC card in consideration of the result of the personal authentication using the card. After confirming the transmitted information, the service center stores the transmitted information in the service center.
The present invention resides in the configuration adoption of a method of using an IC card which is executed by performing a series of steps described above by writing and registering the same information as the information stored in the service center in the nonvolatile memory of the C card.

A fourth feature of the use method of the present invention is that the terminal according to the third feature of the use method of the present invention, when a personal ID is input from a service requester, performs personal authentication with respect to the service requester. The necessity is determined from the service usage right information, and only when necessary as a result of the determination, a specific physical feature extraction process is performed by the authentication sensor unit in the IC card. If the personal authentication determination is unnecessary or positive, the personal ID and the service ID are transmitted from the terminal to the service center, and after confirming the transmission information, the service center confirms the transmission information. If it is determined that the IC card can be provided, the requested service is provided. The IC card usage method comprises a series of steps for processing.

A fifth feature of the use method of the present invention is that, when the IC card according to the third feature of the use method of the present invention receives the service ID from the terminal, the necessity of personal authentication is determined from the service use right information. Only when necessary as a result of the judgment, after performing a specific physical characteristic detection process by the authentication sensor unit, the personal authentication judgment is performed by comparing the processing result with the personal authentication data, and the personal authentication is performed. If the determination is unnecessary or positive, determine whether to provide the service based on the setting of the service usage environment, and if it is determined that the service can be provided, provide the service. It is in the adoption of the configuration of the IC card usage method.

According to a sixth feature of the method of use of the present invention, the determination that the service can be provided in the fourth or fifth feature of the method of use of the present invention is performed when the service is provided to the nonvolatile memory and the service center in the IC card. In the use of an IC card usage method in which additional service provision information is stored.

A seventh feature of the use method of the present invention is that the service providing information in the sixth feature of the use method of the present invention is:
The terminal and the service center communicate with each other via the terminal.
D or the personal ID is transmitted at the same time as sending and receiving, and it is confirmed whether the transmitted information related to the service providing information matches the information stored therein, and in the case of mismatch, the service provision is performed. The present invention resides in the configuration adoption of a method of using an IC card which is stopped and executed by taking a series of steps as described above.

[0060]

BRIEF DESCRIPTION OF THE DRAWINGS FIG.
An example of a card and an example of a method according to an embodiment of the present invention will be described.

(Example 1 of Card) FIG. 1 shows the structure of Example 1 of the present IC card. IC card A
Authentication sensor unit 1, Data processing unit 2, Non-volatile memory 3, Power supply unit 4 having a power supply terminal or power supply unit for receiving power supply, Main storage unit 5, Non-rewritable memory 6, Data It comprises an input / output unit 7.

The authentication sensor unit 1 is for reading physical characteristics of a fingerprint. The non-rewritable memory 6 is for individually storing personal authentication data, personal ID, card ID, and the like. By storing information about these individuals in a non-rewritable memory 6,
Falsification of personal information can be prevented. Here, the non-rewritable memory 6 is not only a memory that cannot be rewritten due to its form-for example, a ROM but also a non-rewritable memory that cannot be rewritten unless the stored data is protected to remove the protection. A memory having a possible logical structure may be used.

The non-volatile memory 3 stores service use right information, that is, service benefit period, number of service beneficiaries, other service provision conditions, and necessity information of a specific physical feature detection process, in addition to the service ID. Can be additionally written. When a plurality of services can be requested by one IC card A, the non-volatile memory 3 stores each service usage right information for each service.

The main storage unit 5 mainly stores the control contents such as the program of the IC card A, and the data processing unit 2 stores the control contents of the IC card A from the main storage unit 5 as appropriate.
The information read from the sensor by the authentication sensor unit 1, the personal authentication data from the non-rewritable memory 6, the service use right and the like from the non-volatile memory 3 are read and read from the respective units, This is an MPU part that actually performs control in the IC card A such as reading and storing each information in the nonvolatile memory 3.

In the case of the IC card A, fingerprint authentication using a fingerprint sensor has been described. However, the present invention is not limited to this. For example, authentication using handwritten characters equipped with a handwritten character input palette, voice authentication equipped with a voice input device, and iris reading device may be used. Needless to say, the provided iris authentication or other authentication may be used.

If necessary, the non-volatile memory 3 has a function of retaining past written information without erasing the information as an IC card A having security for preventing unauthorized use. reading,
By comparing the service information history in the IC card A with the service use history outside the card, for example, in the server,
Unauthorized use can be determined.

Actually, the IC card A becomes usable only after the authentication result and the service information are communicated with the other cooperative equipment through the data input / output unit 7, but if this communication is performed by the conventional contact method, It is necessary to insert the IC card A into, for example, a lead writer, and it must be inserted again due to an insertion error or the like.
The C card A may be damaged. For this purpose, the data input / output unit 7 may be provided with a wireless communication function and performed in a non-contact manner.

As means for realizing wireless communication, ISO 10
536 standard, ISO14443 standard, ISO15693
PHS, standard or conventionally used in portable data terminals
By using a generally accepted system such as the IMT2000 system, the use area of the IC card A is further expanded, thereby providing the IC card A that is easy for the user to use.

Here, an IC is provided by the above various communication means.
Communication of personal information stored in the card A is performed. In order to prevent leakage of information during communication, information encryption is extremely effective as a means for preventing the leakage of information during communication. By adding functions of encryption and decryption of encrypted information, it is possible to provide an IC card A with high security in another sense that prevents unauthorized use of the IC card A.

Although the first example of the card has been described above, the first example of the card is basically used, and the present invention is applicable to other card examples as described below.

(Card Example 2) FIG. 2 shows the configuration of Card Example 2 of the present invention. The IC card B is obtained by adding an output unit 8 to the IC card A of the card example 1 shown in FIG. Here, the output unit 8 has a built-in liquid crystal display device to display characters, figures, pictures, etc., has a built-in LED lamp to light or blink light, and has a built-in speaker to generate sound. It can be appropriately selected according to the usage form of the IC card.

With this configuration, for example, the result of comparing the read information from the authentication sensor unit 1 with the personal authentication data in the IC card can be displayed on the spot, confirmed by light or sound, or output by the output unit. When the display function is provided to the display unit 8, a service menu can be displayed on the output unit 8, and an IC card B having an improved human interface function can be provided.

(Card Example 3) FIG. 3 shows the configuration of Card Example 3 of the present invention. The IC card C is added to the IC card B of the card example 2 shown in FIG.
Is added. As the IC card itself becomes multi-functional, the selection and setting of functions becomes complicated. However, the benefit service selecting unit 9 eliminates the setting process in other cooperating devices which was conventionally required, and the IC card C It is possible to select and set functions only by the operation of.

Further, operation results such as function selection and setting can be displayed and confirmed on the output unit 8. As the benefit service selection unit 9, for example, a switch pad for moving a cursor in a display device having a display function in the output unit 8 is exemplified.

More specifically, when the IC card C is a commuter pass, it is not used as either a coupon or a coupon. Instead, one IC card may be used to provide both commuter pass and coupon functions. good. Note that the IC card C includes the output unit 8, but is not always necessary.

(Card Example 4) FIG. 4 shows the configuration of Card Example 4. The IC card D is obtained by adding a voice output unit 10 and a voice input unit 11 to the IC card A of the card example 1 shown in FIG. The voice output unit 10 and the voice input unit 11 are human interfaces that enable selection and setting of functions by voice.

As a result, a keyword corresponding to a function can be input by voice. This allows the user to interact with the IC card D via a voice-friendly human interface, which is very human-friendly.
IC card D that does not need to be operated and is very easy to use
Can be provided.

In this case, it is necessary to perform speech recognition and speech synthesis. As a method of executing these, a format performed by another cooperative device via communication of the data input / output unit 7 and a format performed in the IC card D can be considered.

For example, in the data processing unit 2 or the voice output unit 10 and the voice input unit 11 in the IC card D, it is more convenient to perform voice recognition and voice synthesis because communication processing is unnecessary and high-speed processing becomes possible. IC card D having a good human interface can be provided. Alternatively, the voice output unit 10 and the voice input unit 11 may be integrally configured as a voice input / output unit to perform voice recognition and voice synthesis.

(Card Example 5) FIG. 5 is a diagram showing the configuration of Card Example 5. The IC card E is obtained by adding a handwriting input unit 12 to the IC card A of the card example 1 shown in FIG. As the handwriting input unit 12, for example, a liquid crystal tablet is used. The actual size of the handwriting input unit 12 may be determined according to the content to receive the input.

Thus, an I-type interface having a human interface capable of selecting and setting functions by handwriting input, etc.
C card E can be provided. Handwriting input unit 12
, Not only characters but also figures, pictures, and the like can be input. As a result, it is possible to interact with the IC card E through a human-friendly human interface such as handwriting input, and it is not necessary to operate the troublesome service selecting unit 9. Therefore, it is possible to provide the IC card E which is very easy to use.

Here, work such as selection of functions by handwriting input is described. For example, a search function of information held in the IC card E is provided so that a target service can be automatically searched. , Which makes it easy to select and set functions and more convenient IC card E
Can be provided.

As a method of executing this processing, a method of performing the processing by another cooperative device through the communication of the data input / output unit 7 and the method of I
Although it is conceivable that the method is performed by the data processing unit 2 of the C card E, the processing by the data processing unit 2 of the IC card E can be performed at high speed because processing by communication is unnecessary, and a very easy-to-use human interface can be provided. Can be provided.

That is, by bringing the IC card E close to the terminal requesting the service through the data input / output unit 7,
The sensor information output from the terminal is input to the IC card E, and the function can be selected by the data processing unit 2 based on the information of the sensor.

As described above, the means for receiving the service request itself transmits information on the service contents,
The IC card E that senses the information specifies the service ID preset in one IC card E from the information on the service contents, and checks the service conditions for the service ID and the necessity of personal authentication in the IC card E. You can judge. This point is the other card example 1 shown in FIGS.
This is also true for No. 4.

(Card Example 6) FIG. 6 shows the structure of Card Example 6. The IC card F is obtained by adding a power switch 13 to the IC card A of the card example 1 shown in FIG. It is preferable that the power state of the IC card F itself is always ON in order to perform instantaneous processing on the spot, but the power state can be turned OFF when the IC card F is not used by providing the power switch 13. This can save power consumption.

(Card Example 7) FIG. 7 shows the structure of Card Example 7. The IC card G includes a power switch signal generation unit 1 and an IC card A of the card example 1 shown in FIG.
4 is added. In order to eliminate the need to operate the power switch 13, a power switch signal generator 14 is provided instead of the power switch 13. For example, if there is no operation of the IC card G for a certain period of time, the power switch is automatically turned off, and when a signal from another cooperative device is received, the power switch signal generator 14 is activated and the power switch is turned on. By doing so, there is an advantage that power consumption can be saved without having to operate the power switch 13.

(Eighth Card Example) FIG. 8 shows a configuration of the eighth card example. The IC card H differs from the IC card A of the card example 1 shown in FIG. 1 in the position of the authentication sensor unit 1 and the ratio of the surface area occupied by the IC card H. That is, in the IC card H, the sensor unit for extracting the characteristics of the individual is a fingerprint sensor. The IC card H is provided over an area that tends to be gripped.

In the IC card A, it is necessary for the user to recognize the fixed position of the fingerprint sensor 1 and perform an action of touching the finger. However, in the IC card H, the ratio of the surface area occupied by the authentication sensor 1 is large. As shown in FIG. 8, when the user uses the IC card H while paying attention to the characteristics of the human, the fingerprint sensor 1 is arranged in a portion where the user frequently touches the finger with the habit, so that the user can hold the IC card H. The fingerprint authentication process can be automatically executed at the
C card H can be provided.

As described above, the card example 1 has been described as the basic configuration of the IC card, and the card examples 2 to 8 have been described in order to further enhance the convenience. Advantages can be provided, and by using an IC card having a plurality of functional modules for that purpose, a more convenient IC card can be provided.

(Example of Security Level Setting Judgment Method) Next, the processing procedure of an example of the security level setting judgment method applied to the card examples 1 to 8 will be described.

By storing the service use right information corresponding to the service contents in the nonvolatile memory 3 of the IC cards A to H, it is necessary to perform personal authentication by the authentication sensor unit 1 at the time of providing the service based on the service use right information. Can be arbitrarily set, and various service security levels can be set, so that it is possible to respond to requests from service providers. Then, when requesting a service, it is determined whether personal authentication is necessary based on the storage state of the nonvolatile memory 3 of the IC cards A to H.

For example, when the IC cards A to H are used as a commuter pass and a coupon, the regular use period and the number of uses are stored in the nonvolatile memory 3 as service provision conditions of the service use right information. As a result, it is possible to add, as service use right information, a time limit and a limit on the number of service benefits without performing personal authentication processing on the IC cards A to H. When the IC cards A to H are used as commuter passes, personal authentication can be set to be unnecessary during the beneficiary period, and troublesome processing is not required.

When the IC cards A to H are used as coupons, the number of times personal authentication is unnecessary can be simultaneously checked by the ticket gate, and the number of times of use held in the IC cards A to H can be reduced. I just need. Even in the case of a coupon, if the expiration date is used, it can be dealt with by setting a service benefit period. Further, there is no particular service provision condition, and it is possible to set only the necessity of personal authentication. Specifically, an example of a method of using the IC cards A to H in the IC card system described below will be described.

[0095]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A procedure for implementing an example of a method of using an IC card in a card example will be described. Prior to the description of the present usage example, an IC card service use system α used by the present usage example
Will be described with reference to FIG. The IC card service use system α includes the IC cards A to H capable of determining the security level of the card examples 1 to 8 and the IC cards A to
H capable of processing H and service center (server) γ
And

The service center γ and the terminal β are connected by a communication line δ such as a dedicated line, a network line or a communication network in which the terminals are connected. On the other hand, the IC cards A to H capable of determining the security level and the terminal β are wired. Or wireless connection.

The above is the basic configuration of the system α, and it is possible to add various devices as necessary or to change the device to operate in the same manner as the basic configuration. For example, terminal β
May be an information communication device such as a computer as long as it can exchange information with the IC cards A to H. The service center γ is preferably connected to the communication line δ and can provide a plurality of services, but may be a single service.

When a service is requested through the terminal β using the IC cards A to H by using the IC card service use system α, the service to be received in advance is contacted with the service center γ which is the service provider concerned. It is necessary to make a new registration and to set the use environment between the IC cards A to H and the service center γ. In the following description, operations that are normally required such as connection of the line δ will be omitted, and only the part related to the root of the present invention will be described.

<New Registration> FIG. 10 shows IC cards A to H
5 shows the steps of using the IC card service use system α at the time of new registration for receiving a network service with the service center γ at the terminal β in cooperation with the terminal β.

First, a request for a personal ID is made from the terminal β to the individual user (ST1). After insertion, personal authentication is performed by the IC cards A to H (ST2). As a result of personal authentication (ST3), if the personal information matches the registered personal information, the personal ID is transmitted to the service center γ (ST2).
4) If they do not match, a registration refusal notice is presented to the user (ST5). Note that ST2 can be omitted as necessary, and in that case, the process proceeds to ST4.

After ST4, the server in the service center γ checks the personal ID (ST6). The check of the personal ID here means, for example, IC cards A to H
Whether the personal ID stored in the non-rewritable memory 6 in the server conforms to the regulations of the service center γ, and holds the personal ID as a list so as not to provide a service between the service centers γ And whether the service center γ can provide the service, such as not to provide the service when the cardholder requests the service before the service provision starts Check whether it is based on the personal ID.

Then, it is determined whether or not it can be used (S
T7). At this time, if the service cannot be used, a registration impossible notification is presented to the user (ST5). If the service can be used, a personal ID for the new service is registered in the service center γ in the server in the service center γ ( S
T8), the completion of registration is notified to the user (ST9), and the service ID is recorded and registered in the nonvolatile memory 3 of the IC card (ST10).

<Setting of Service Usage Environment> FIG. 11 shows a case where the user sets the service usage environment in the newly registered IC cards A to H and notifies the service center γ of the setting information.
It shows the operation of the advance step of the execution of the IC card service use system α in setting the service use environment, in which the setting information is written in the IC cards A to H.

First, from the terminal β to the user, an individual I
A request for D is made (S1). After insertion, IC card A ~
H performs personal authentication (S2). If the personal information does not match the registered personal information as a result of the personal authentication determination (S3), a registration refusal notice is presented to the user (S3).
4) If they match, a service use environment setting is performed on the terminal β (S5).

As the setting of the service use environment, as described above as an example of the security level setting judging method,
For example, it is possible to set a service benefit period or the number of times that personal authentication is not required for the IC cards A to H. Thereafter, the personal ID and the set service use environment are transmitted to the service center (S6).

The server in the service center γ checks the transmitted service use environment (S7). According to the confirmation determination (S8), if it is inappropriate, a registration impairment notification is presented to the user (S4). If appropriate, the setting of the service use environment is registered (S9), and the user is notified of the registration completion (S9).
T10) The service use environment data is written and registered in the nonvolatile memory 3 of the IC card (ST11).

(Practical example) A practical example of the execution procedure after the above setting is performed is shown below. Here, the services include a periodical electronic distribution service and an electronic ticket voucher service. The number of times and beneficiary period will be described in order.

<Case of Periodical Publication Electronic Distribution Service> FIGS. 12 and 13 show an execution procedure of the IC card service use system α when assuming a periodic publication electronic distribution service using an IC card. FIG. 12 shows the case where the service presentation condition is the benefit period, and FIG. 13 shows the case of the benefit number.

A case where the service providing condition in FIG. 12 is a benefit period will be described. First, a request for a personal ID is made from the terminal β to the individual (SE1). When inserted, IC
Confirmation of the necessity of the personal authentication using the cards A to H is performed (SE2). Here, if it is determined that the personal authentication unnecessary service is out of the benefit period and that personal authentication is necessary, personal authentication is performed (SE3), and the result is determined to match or not match the already registered personal information ( SE4).

If the IDs do not match, the user is notified that the electronic distribution is not possible (SE5). If the IDs match, the personal ID and the service ID are transmitted to the server of the service center γ (SE6). On the other hand, if it is determined in SE2 that it is unnecessary, the server in the service center γ is
The personal ID and the service ID are transmitted (SE6).

In the server in the service center γ, the received personal ID and service ID are confirmed (SE
7). Here, if the result of the confirmation determination (SE8) indicates that the electronic distribution is unavailable, the user is notified that the electronic distribution is impossible (SE5),
If available, electronic distribution of periodicals to the user is performed from the service center γ to the terminal β (SE
9). After the end of the electronic distribution, the user notifies the server of the service center γ of the completion of the electronic distribution (SE10). This ends a series of operations.

Next, the case where the service provision condition of FIG. 13 is the number of benefits will be described. First, a request for a personal ID is made from the terminal β to the individual (SE1). When inserted, IC
Confirmation of the necessity of the personal authentication using the cards A to H is performed (SE2). Here, when it is determined that the number of times of the personal authentication unnecessary service is out of the number of times and the personal authentication is necessary, the personal authentication is performed (SE3), and the result is determined to match or not match the already registered personal information (SE4). ).

If not, the user is notified that the service cannot be used (SE5).
The personal ID and the service ID are transmitted to the server inside (SE6). On the other hand, if it is determined in SE2 that the number of times of personal authentication is unnecessary and that personal authentication is unnecessary, the personal ID and the service ID are transmitted to the server in the service center γ (SE6).

In the server in the service center γ, the received personal ID and service ID are confirmed (SE
7). Here, if the result of the confirmation determination (SE8) indicates that the electronic distribution is unavailable, the user is notified that the electronic distribution is impossible (SE5),
If available, electronic distribution of periodicals to the user is performed from the service center γ to the terminal β (SE
9). After the end of the electronic distribution, a process of subtracting one from the number-of-benefits data in the nonvolatile memory 3 in the IC cards A to H is performed (SE11). Then, in the processing on the terminal β side, the user is notified of the completion of the distribution to the service center γ (SE
12). Then, a series of execution ends.

In any case, the service center γ
Provided the service, personal ID, service I
D, information on the number of actual benefits received and other service provisions are sent to the terminal β at the same time as the electronic distribution, and the information is additionally written in the nonvolatile memory 3 in the IC cards A to H, and It is also stored in a server in the center γ.

When the terminal β transmits the personal ID and the service ID to the service center γ when the next service provision request is made (SE6), the information additionally written into the nonvolatile memory 3 at the same time. At the same time to confirm the personal ID and service ID at the service center γ (SE
At the time of 7), it is possible to eliminate unauthorized transactions by judging whether the information additionally written in the IC cards A to H and the information additionally written in the service center γ are the same at the same time. it can.

Thus, in electronic merchandise transactions such as electronic distribution of periodicals, by setting standards having predetermined rules for individual services, illegal transactions can be prevented in electronic merchandise transactions and smooth Economic and commercial activities take place.

<Electronic Ticket Ticket Service> FIGS. 14 and 15 show the use of the IC card service using system α when the electronic ticket ticket service is assumed. FIG.
4 shows a case where a service beneficiary period is set, specifically, a commuter pass, and FIG. 15 shows a case where a service beneficiary number is set, specifically, a case of a coupon without an expiration date.

A case where the service benefit period is set will be described with reference to FIG. First, the service ID is transmitted from the ticket gate to the individual IC cards A to H (SG1). Then, the necessity of the personal authentication of the service is confirmed by the service use right information of the nonvolatile memory 3 in the IC cards A to H (SG2).

When it is determined that personal authentication is necessary, personal authentication is performed (SG3), and the result of the authentication is determined (SG4). And if it is determined to be false,
The ticket gate is closed (SG5). On the other hand, if it is determined to be positive, the service beneficiary period is collated in the IC cards A to H (SG6), and if it is within the service beneficiary period, a pass request is made to the ticket gate. (SG7), the ticket gate is opened (SG
8). If it is out of the service beneficiary period, the ticket gate is closed (SG5).

If it is determined that personal authentication is unnecessary,
The service benefit period is collated in the IC cards A to H (SG6). If it is determined that the service is within the service beneficiary period, a pass request is made to the ticket gate (SG7),
The ticket gate is opened (SG8). If it is determined that the service is not eligible for the service benefit period, the ticket gate is closed (SG5).

The case where the number of service beneficiaries is set will be described with reference to FIG. First, the service ID is transmitted from the ticket gate to the individual IC cards A to H (SG1). Then, the necessity of the personal authentication of the service is confirmed by the service use right information of the nonvolatile memory 3 in the IC cards A to H (SG2).

When the personal authentication is required, the personal authentication is performed (SG3), and the result of the authentication is determined (S3).
G4). Then, if it is determined to be false, the ticket gate is closed (SG5). If judged positive, IC
The service beneficiary period is checked in cards A to H (SG
6) If the service is within the number of benefits, the gate is requested to pass (SG7), the gate is opened (SG8), and the number of benefits in the nonvolatile memory 3 in the IC cards A to H is subtracted. Processing is performed (SG9). If it is out of the service beneficiary period, the ticket gate is closed (SG5).

If personal authentication is not required, the service benefit period is collated in the IC cards A to H (SG).
6). If it is within the service beneficiary period, a request is made to the ticket gate to pass (SG7), the ticket gate is opened (SG8), and the number of beneficiary times in the non-volatile memory of the IC cards A to H is subtracted. (SG
9). On the other hand, when it is out of the service benefit period, the ticket gate is closed (SG5).

In the case of an electronic ticket ticket as in the case of the periodic publication electronic distribution service, the personal ID and the service I
D. Information about the actual number of benefits received and the provision of other services can be additionally written to the storage device in the ticket gate, thereby preventing unauthorized service requests.

That is, when it is determined that authentication is not required, after the determination of necessity of authentication (SG2), and when it is determined that authentication is required, after individual authentication is determined (SG4), the past information of the additional writing information in the electronic ticket ticket is deleted. By transmitting the history to the ticket gate and confirming whether the transmitted information matches the information additionally written in the storage device in the ticket gate, an unauthorized service request can be dealt with.

Further, it is not always necessary to provide a storage device capable of additionally writing in the ticket gate. It is possible to prevent unauthorized service requests by storing personal information and information to be additionally written in a center connected to several ticket gates. it can.

Further, if confirmation for preventing an unauthorized service request is performed every time, the information to be confirmed may become enormous, and therefore, it is usually necessary to use the ticket gate and the IC cards A to H at the time of providing the previous service request. Providing prompt service requests by checking whether only the exchanged data matches, and checking the past history as necessary, and making appropriate changes according to the security level Is made.

[0129]

As described above, according to the present invention,
For services with different security levels, such as services that require high security and services that are not so high, you can flexibly set whether to perform personal recognition processing,
Extremely convenient IC card, IC card usage,
A security level setting determination method can be provided. In addition, an IC card having a human interface and an IC card service utilization system can be provided at the same time. Furthermore, it is possible to provide an IC card, an IC card usage method, and a security level setting method that are extremely resistant to unauthorized use.

[Brief description of the drawings]

FIG. 1 is a block diagram showing an internal configuration of Card Example 1, which is a basic configuration of an IC card according to an embodiment of the present invention.

FIG. 2 is a card example 2 in which an output unit is added to the card example 1 of the above.
FIG. 2 is a block diagram showing the internal configuration of FIG.

FIG. 3 is a block diagram showing the internal structure of Card Example 3 in which a beneficial service selecting unit is added to Card Example 2 of the above.

FIG. 4 is a block diagram showing the internal configuration of Card Example 4 in which a voice input unit and a voice output unit are added to Card Example 1 of the above.

FIG. 5 is a block diagram showing the internal configuration of Card Example 5 in which a handwriting input unit is added to Card Example 1 of the above.

FIG. 6 is a block diagram showing an internal configuration of Card Example 6 in which a power switch is added to Card Example 1 of the above.

FIG. 7 is a block diagram showing the internal configuration of Card Example 7 in which a power switch signal generator is added to Card Example 1;

FIG. 8 is a block diagram showing the internal configuration of Card Example 8 showing the embodiment of the present invention.

FIG. 9 is a schematic diagram of an IC card service using system used in an example of an IC card using method showing an example of an embodiment of the present invention.

FIG. 10 IC for new registration in the usage example of the above.
It is a flowchart showing the use of the card service utilization system.

FIG. 11 is a flowchart showing the use of the IC card service using system at the time of setting a service using environment showing an example of the same usage method.

FIG. 12 is a flowchart showing the use of the IC card service using system assuming a benefit period of the periodic publication electronic distribution service showing the same practical example.

FIG. 13 is a flow chart showing the use of the IC card service using system in the case where it is assumed that the benefits of the periodic publication electronic distribution service shown in the practical example of the present invention are recovered.

FIG. 14 is a flowchart showing the use of the IC card service using system assuming a benefit period of the electronic ticket ticket service system showing another practical example of the above.

FIG. 15 is a flowchart showing the use of the IC card service using system in the case of a coupon of the electronic ticket ticket service system showing another practical example of the above.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 ... Authentication sensor part 2 ... Data processing part 3 ... Non-volatile memory 4 ... Power supply related part 5 ... Main storage part 6 ... Non-rewritable memory 7 ... Data input / output part 8 ... Output part 9 ... Beneficiary service selection part 10 ... voice output unit 11 ... voice input unit 12 ... handwriting input unit 13 ... power switch 14 ... power switch signal generation unit A, B, C, D, E, F, G, H ... IC card α ... IC card service use system β: Terminal γ: Service center δ: Communication line

──────────────────────────────────────────────────の Continuation of the front page (51) Int.Cl. ⁶ Identification code FI G06K 19/073 G06K 19/00 P (72) Inventor Kikuji Kato 3-19-2 Nishishinjuku, Shinjuku-ku, Tokyo Nippon Telegraph and Telephone Inside the corporation

Claims (45)

[Claims] 1. A security level setting determination method, wherein a personal authentication process is executed only when a desired service is requested and it is determined that it is necessary based on a preset security level. 2. When requesting a desired service, information relating to the necessity of personal authentication is stored in advance in a service requesting means in accordance with the contents of the requested service. A security level setting determination method, comprising: determining whether or not personal authentication has been confirmed based on information on the necessity of personal authentication. 3. When requesting a desired service from among a plurality of services, information relating to the necessity of personal authentication is stored in advance in one service request means in accordance with each of the requested services. A security level setting determination method, comprising: determining whether personal authentication is performed based on information on personal authentication necessity in the service request unit. 4. The security level setting judging method according to claim 2, wherein the information on the necessity of personal authentication includes a service ID, a service providing condition, and information on necessity of personal authentication. 5. The security level setting judging method according to claim 2, wherein the information on the necessity of personal authentication is additionally written arbitrarily after initial setting for each service. 6. An IC card having means for preliminarily storing a security level required for personal authentication according to service contents. 7. An IC card having an authentication sensor unit, a data processing unit, a non-volatile memory, a power supply unit, a main storage unit, a non-rewritable memory, and a data input / output unit, wherein the non-volatile memory is stored in advance. An IC card having a series of functions for the data processing unit to determine whether the data processing unit matches or matches a specific physical feature detected by the authentication sensor unit based on the service usage right information. 8. The service use right information according to claim 7, wherein the service ID, service provision conditions, and unique physical characteristic information of the IC card user by the authentication sensor unit. IC card. 9. The IC card according to claim 8, wherein the service providing condition is one or both of a service benefit period and a service benefit number. 10. The IC card according to claim 7, wherein the non-rewritable memory has a function of storing personal authentication data, a personal ID, and a card ID. 11. The memory device according to claim 7, wherein said non-rewritable memory is a memory which is physically non-rewritable.
C card. 12. The I memory according to claim 7, wherein said non-rewritable memory is a memory which cannot be rewritten due to a data structure.
C card. 13. The nonvolatile memory according to claim 7, wherein additional writing is enabled.
2. The IC card according to 2. 14. The power supply-related section has a power supply section.
Or the IC card according to 13. 15. The power supply-related section has a power supply terminal for receiving power supply.
Or the IC card according to 13. 16. The data processing unit according to claim 7, further comprising a function of searching for information stored in said non-volatile memory and performing constant processing.
16. The IC card according to 2, 13, 14, or 15. 17. The data processing unit according to claim 1, further comprising a function of searching for information in said main storage unit, said non-writable memory and said non-volatile memory and performing a fixed process on each of them. Terms 7, 8, 9, 10, 11, 1
The IC card according to 2, 13, 14, 15, or 16. 18. The IC card according to claim 7, further comprising a human interface unit.
The IC card according to 2, 13, 14, 15, 16 or 17. 19. The IC card according to claim 18, wherein said human interface unit has an input unit which can be manually input. 20. The IC card according to claim 18, wherein the human interface unit has an output unit that can be recognized externally. 21. The IC card according to claim 18, wherein said human interface unit includes both said input unit and said output unit. 22. The IC card according to claim 19, wherein the input unit has a benefit service selecting function. 23. The input device according to claim 19, wherein the input unit is a handwriting input unit.
C card. 24. The IC card according to claim 23, wherein said handwriting input means has a handwriting input recognition function of decoding input information and encoding the information. 25. The IC card according to claim 24, wherein the input is character input, graphic input, picture input, or a combination thereof. 26. The IC card according to claim 19, wherein the input unit is a sound input unit. 27. The IC card according to claim 26, wherein said sound input means has a voice recognition function of decoding and coding an input sound. 28. The IC card according to claim 20, wherein the output unit is a display unit, an LED lamp, a sound output unit, or a combination thereof. 29. The IC card according to claim 28, wherein said sound output means has a sound synthesis function of outputting coded code data as sound. 30. The IC card according to claim 21, wherein said input section and said output section are integrated voice input / output means. 31. The data input / output unit has a wireless communication function for communication with a terminal corresponding to the IC card.
2, 13, 14, 15, 16, 17, 18, 19, 2,
0, 21, 22, 23, 24, 25, 26, 27, 2
The IC card according to 8, 29 or 30. 32. The wireless communication function includes: ISO10536, ISO14443, ISO1569
The IC card according to claim 31, wherein the IC card conforms to the PHS method and IMT2000. 33. The data input / output unit according to claim 7, wherein the encrypted data can be freely input and output.
2, 13, 14, 15, 16, 17, 18, 19, 2,
0, 21, 22, 23, 24, 25, 26, 27, 2
The IC card according to 8, 29, 30, 31, or 32. 34. The IC card according to claim 7, further comprising switch means for controlling ON / OFF of a power supply.
2, 13, 14, 15, 16, 17, 18, 19, 2,
0, 21, 22, 23, 24, 25, 26, 27, 2
The IC card according to 8, 29, 30, 31, 32 or 33. 35. The switch means receives a signal from the outside of the IC card and turns off the power supply.
35. The IC card according to claim 34, having a function of setting an N state. 36. A sensor according to claim 7, wherein said authentication sensor unit is a fingerprint reading sensor, a handwriting reading sensor, a voice sensor or an iris reading sensor, or a composite sensor combining said sensors. , 10, 11, 1
2, 13, 14, 15, 16, 17, 18, 19, 2,
0, 21, 22, 23, 24, 25, 26, 27, 2
The IC card according to 8, 29, 30, 31, 32, 33, 34, or 35. 37. The authentication sensor unit according to claim 7, wherein the authentication sensor unit is arranged so that authentication can be automatically performed when the IC card is gripped. 1
2, 13, 14, 15, 16, 17, 18, 19, 2,
0, 21, 22, 23, 24, 25, 26, 27, 2
8, 29, 30, 31, 32, 33, 34, 35 or 3
6. The IC card according to 6. 38. The arrangement, wherein the fingerprint sensor occupies most of the surface of the IC card so that the fingerprint authentication processing is spontaneously executed by the finger contact of the IC card. The IC card according to claim 37. 39. The method of claim 7, 8, 9, 10, 11, 12,
13, 14, 15, 16, 17, 18, 19, 20, 2
1, 22, 23, 24, 25, 26, 27, 28, 2
9, 30, 31, 32, 33, 34, 35, 36, 37
Or the use of an IC card service utilization system comprising an IC card described in 38, a terminal capable of processing the IC card, and a service center connectable to the terminal, the IC card is only stored in the service center for the first time. By connecting via a terminal and performing new registration, and setting the usage environment between the IC card and the service center each time, a desired service can be requested and provided between the IC card and the service center. A method of using an IC card, comprising: 40. The new registration is performed in consideration of a result of the personal authentication by the IC card, and is performed based on the personal ID transmitted from the terminal to the service center. Based on the result of determining whether or not the service center can be used at the service center, if the service ID is available, the personal ID is registered with the service center, and the terminal transmits the personal ID transmitted from the service center. The IC card according to claim 39, wherein a service ID is transmitted to the IC card, and the service ID is stored in a nonvolatile memory of the IC card. Method. 41. The use environment setting is performed in consideration of the result of personal authentication by the IC card, and after the service beneficiary sets the service use right information for the terminal or the IC card, the setting is performed. The service use environment is transmitted to the service center together with the personal ID, the service center confirms the transmitted information and stores the information in the service center, and the terminal or the IC card stores the information in the IC card. 41. The method of using an IC card according to claim 39, wherein the same information as the information stored in the service center is written and registered in a non-volatile memory, and the process is performed through a series of steps described above. 42. Upon receiving the personal ID from a service requester, the terminal determines the necessity of personal authentication for the service requester from the service use right information, and as a result of the determination, Only in this case, after performing the specific physical feature detection processing by the authentication sensor unit in the IC card, the personal authentication determination is performed by comparing the processing result with the personal authentication data. If the determination is unnecessary or positive, the personal ID and the service ID are transmitted from the terminal to the service center. After the transmission center confirms the transmission information and determines that the service can be provided, the requested service is provided. 42. The method according to claim 41, wherein the processing is performed through a series of steps described above. 43. The IC card, upon receiving the service ID from the terminal, judges the necessity of personal authentication from the service use right information, and the IC card is provided by the authentication sensor unit only when necessary as a result of the judgment. After performing the unique physical characteristic detection process, the personal authentication determination is performed by comparing the processing result with the personal authentication data. If the personal authentication determination is unnecessary or positive, the service use environment is determined. 42. The IC according to claim 41, wherein it is determined whether or not the service is provided from the setting, and if it is determined that the service can be provided, the service is provided. Card usage. 44. The method according to claim 42, wherein the determination that the service can be provided includes causing the nonvolatile memory and the service center in the IC card to execute an additional storage of service provision information relating to service provision. Or the method for using an IC card according to 43. 45. The service providing information is transmitted simultaneously when the terminal and the service center transmit and receive the service ID or the personal ID via the terminal, and the transmitted information relating to the service providing information is transmitted. 45. It is confirmed whether or not the information and the information stored therein match, and if the information does not match, the service provision is stopped, or the program is executed by performing a series of steps as described above. How to use IC card.